Total
755 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-3667 | 1 Mcafee | 1 Techcheck | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker. | |||||
CVE-2019-6858 | 1 Schneider-electric | 1 Msx Configurator | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause privilege escalation when injecting a malicious DLL. | |||||
CVE-2019-18575 | 1 Dell | 1 Command\|configure | 2024-02-28 | 6.6 MEDIUM | 7.1 HIGH |
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system. | |||||
CVE-2019-18215 | 1 Comodo | 1 Comodo Internet Security | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms. | |||||
CVE-2019-9491 | 2 Microsoft, Trendmicro | 2 Windows, Anti-threat Toolkit | 2024-02-28 | 5.1 MEDIUM | 7.8 HIGH |
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | |||||
CVE-2019-7960 | 3 Adobe, Apple, Microsoft | 3 Animate Cc, Macos, Windows | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
CVE-2019-20406 | 2 Atlassian, Microsoft | 3 Confluence, Confluence Server, Windows | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability. | |||||
CVE-2019-17665 | 1 Nsa | 1 Ghidra | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
NSA Ghidra before 9.0.2 is vulnerable to DLL hijacking because it loads jansi.dll from the current working directory. | |||||
CVE-2019-19689 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses. | |||||
CVE-2019-16001 | 2 Cisco, Microsoft | 3 Webex Meetings, Webex Teams, Windows | 2024-02-28 | 4.4 MEDIUM | 5.3 MEDIUM |
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of the resources loaded by the application at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. The malicious DLL file would execute when the vulnerable application is launched. A successful exploit could allow the attacker to execute arbitrary code on the target machine with the privileges of another user account. | |||||
CVE-2019-19954 | 2 Microsoft, Signal | 2 Windows, Signal-desktop | 2024-02-28 | 6.9 MEDIUM | 7.3 HIGH |
Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file. | |||||
CVE-2016-5311 | 1 Symantec | 9 Endpoint Protection, Endpoint Protection Cloud, Norton 360 and 6 more | 2024-02-28 | 6.9 MEDIUM | 7.8 HIGH |
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. | |||||
CVE-2019-6333 | 1 Hp | 1 Touchpoint Analytics | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827. This vulnerability may allow a local attacker with administrative privileges to execute arbitrary code via an HP Touchpoint Analytics system service. | |||||
CVE-2019-14688 | 2 Microsoft, Trendmicro | 9 Windows, Control Manager, Endpoint Sensor and 6 more | 2024-02-28 | 5.1 MEDIUM | 7.0 HIGH |
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run. | |||||
CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2024-02-28 | 6.9 MEDIUM | 6.5 MEDIUM |
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | |||||
CVE-2019-19235 | 2 Asus, Microsoft | 2 Atk Package, Windows 10 | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular path, with a particular file name. | |||||
CVE-2019-16407 | 1 Jetbrains | 1 Resharper | 2024-02-28 | 4.4 MEDIUM | 7.3 HIGH |
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability. | |||||
CVE-2019-17093 | 2 Avast, Avg | 2 Antivirus, Anti-virus | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0. | |||||
CVE-2019-3726 | 1 Dell | 3 Client Platforms, Emc Servers, Update Package Framework | 2024-02-28 | 6.2 MEDIUM | 6.7 MEDIUM |
An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package (DUP) Framework file versions prior to 3.8.3.67 used in Dell Client Platforms. The vulnerability is limited to the DUP framework during the time window when a DUP is being executed by an administrator. During this time window, a locally authenticated low privilege malicious user potentially could exploit this vulnerability by tricking an administrator into running a trusted binary, causing it to load a malicious DLL and allowing the attacker to execute arbitrary code on the victim system. The vulnerability does not affect the actual binary payload that the DUP delivers. | |||||
CVE-2019-6692 | 1 Fortinet | 1 Forticlient | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL. |